Security trends to watch in 2010: A mid-year status check

Symantec
Aug. 13, 2010

As 2009 came to a close, we at Symantec looked into our crystal ball and made a few predictions of what we expected to see in 2010.

Status: On track

Reasoning: OK, so we didn't exactly go out on a limb here. Social engineering is likely the world's second oldest profession and its exploitation in the digital world was nothing unexpected. However, we have seen its effectiveness improve even further thanks to Web 2.0. With so many computer users enraptured in a love affair with social networking, we have become accustomed to receiving emails announcing so-and-so would like to be our friend or is now following us. Attackers are taking advantage of this and are devising ever-more creative and convincing tricks to get users to download malware or divulge sensitive information.

Phishing attacks are a prime example of a socially engineered threat. Through the first half of 2010, an average of approximately one in every 476 emails included some form of phishing attack. What makes these attacks even more dangerous is that they are completely operating system agnostic. In a world that is becoming less centralized around the PC, phishing allows cybercriminals to take advantage of computer users regardless of what platform they are operating on. For example, in July 2010 Symantec observed a phishing website that spoofed an Internet Service Provider popular in Australia. Users received an email stating the ISP was unable to verify their account due to a recent change in their contact details. It linked to the spoofed site and requested users visit it in order to confirm crucial customer information, including billing details such as credit card numbers. In a case such as this, Windows, Macintosh and even mobile phone users are all vulnerable to online fraud.

We have also seen social engineering play a large role in some recent, very high-profile attacks. For example, earlier this year the infamous Hydraq attacks against a number of large organizations used, at least in part, socially engineered emails sent to an individual or a small group of individuals within the affected organizations. Once the user was tricked into either clicking a malicious link or opening an attachment, the Hydraq Trojan was installed on their machine.

Prediction #3

Rogue Security Software Vendors Escalate Their Efforts

In 2010, expect to see the propagators of rogue security software scams take their efforts to the next level, even by hijacking users' computers, rendering them useless and holding them for ransom. A less drastic next step, however, would be software that is not explicitly malicious, but dubious at best. For example, Symantec has already observed some rogue antivirus vendors selling rebranded copies of free third-party antivirus software as their own offerings. In these cases, users are technically getting the antivirus software that they pay for, but in reality the software can be downloaded for free elsewhere.